UBUNTU-CVE-2026-9365

A vulnerability has been found in Ettercap up to 0.8.3. The affected element is the function FUNCDECODER of the file src/dissectors/ecgg.c of the component GG Dissector. The manipulation of the argument gg leads to heap-based buffer overflow. The attack is possible to be carried out remotely. The...

CVE-2026-4477 Yi Technology YI Home Camera WPA/WPS hard-coded key

A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.120171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can only be done within the local network. This attack is...

PT-2026-26572

A vulnerability was identified in Yi Technology YI Home Camera 2 2.1.1 20171024151200. This impacts an unknown function of the file home/web/ipc of the component HTTP Firmware Update Handler. The manipulation leads to improper verification of cryptographic signature. The attack is possible to be...

CVE-2025-20064

PT-2025-41717 documents a BIOS/UEFI update KWCN51WW that applies to Legion family devices (Legion Pro 5 16IRX8, Legion Y9000P IRX8, Legion Pro 7 16IRX8H, etc.). The update notes indicate CVE-2025-20064 is among the security vulnerabilities addressed by the patch. Affected area is the BIOS/UEFI fi...

CVE-2026-3401 SourceCodester Web-based Pharmacy Product Management System session expiration

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the...

CVE-2026-2702

A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. This issue affects some unknown processing of the component WPA2 PSK. Performing a manipulation results in hard-coded credentials. The attacker must have access to the local network to execute the attack. The complexity of an...

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

CVE-2025-1341

A vulnerability, which was classified as problematic, was found in PMWeb 7.2.0. This affects an unknown part of the component Setting Handler. The manipulation leads to weak password requirements. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The...

EUVD-2025-32209

Malicious code in bioql PyPI...

EUVD-2025-6759

Malicious code in bioql PyPI...

EUVD-2025-17689

Malicious code in bioql PyPI...

CVE-2025-9688

A security vulnerability has been detected in Mupen64Plus up to 2.6.0. The affected element is the function writeisviewer of the file src/device/cart/isviewer.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The attack is considered to have high...

CVE-2025-8774

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

CVE-2025-7214

A vulnerability classified as problematic was found in FNKvision FNK-GU2 up to 40.1.7. Affected by this vulnerability is an unknown functionality of the file /etc/shadow of the component MD5. The manipulation leads to risky cryptographic algorithm. It is possible to launch the attack on the...

CVE-2025-26394 SolarWinds SWOSH Open Redirection Vulnerability

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...

PT-2025-24666 · Solarwinds · Solarwinds Observability Self-Hosted

Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: The issue concerns an open redirection vulnerability where the URL is not properly sanitized. This could allow an attacker to manipulate the string and redirect...

PT-2025-23902 · Radare2 · Radare2

Name of the Vulnerable Software and Affected Versions: Radare2 version 5.9.9 Description: A vulnerability has been found in the function r cons flush in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to use after free. Local access is required to...

CVE-2024-0942

A vulnerability was found in Totolink N200RE V5 9.3.5u.6255B20211224. It has been classified as problematic. Affected is an unknown function of the file /cgi-bin/cstecgi.cgi. The manipulation leads to session expiration. It is possible to launch the attack remotely. The complexity of an attack is...

CVE-2024-12663

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The...

CVE-2025-4769

The CVE-2025-4769 entry concerns CBEWIN Anytxt Searcher 1.3.1128.0, affecting ATService.exe with an uncontrolled search path vulnerability. According to PT-Security, exploitation requires local access, with high attack complexity and low privileges, leading to a potential local escalation or impa...